New Security Flaws Reported in Ghost CMS Blogging Software

Two security holes in the JavaScript-based blogging platform known as Ghost have been disclosed by cybersecurity researchers, one of which might be exploited to raise privileges via carefully crafted HTTP requests.

The authentication bypass vulnerability, identified as CVE-2022-41654 (CVSS score: 8.5), enables unprivileged users (i.e., members) to alter newsletter settings without authorization.

The flaw was found by Cisco Talos, which warned it may allow a member to alter the system-wide default newsletter that all users are automatically subscribed to.

In an advisory posted on November 28, 2022, Ghost stated that “this provides non-privileged users the opportunity to read and alter settings they were not intended to have access to.”
